Start managing gateways with helmfile

This commit is contained in:
Nikolai Rodionov 2023-10-17 14:56:57 +02:00
parent 250ee3ef26
commit 63df23af17
No known key found for this signature in database
GPG Key ID: 19DB54039EBF8F10
7 changed files with 103 additions and 12 deletions

View File

@ -92,6 +92,11 @@ releases:
namespace: mail-service namespace: mail-service
createNamespace: true createNamespace: true
- <<: *istio-gateway-resources
installed: true
namespace: istio-system
createNamespace: false}
bases: bases:
- ../environments.yaml - ../environments.yaml
- ../repositories.yaml - ../repositories.yaml

View File

@ -1,4 +1,4 @@
istio_gateway: istio-gateway:
enabled: true enabled: true
gateways: gateways:
- name: badhouseplants-email - name: badhouseplants-email
@ -52,26 +52,26 @@ istio:
kind: tcp kind: tcp
gateway: badhouseplants-email gateway: badhouseplants-email
service: docker-mailserver service: docker-mailserver
hostname: badhousplants.net hostname: badhouseplants.net
port_match: 25 port_match: 25
port: 25 port: 25
- name: docker-mailserver-smpts - name: docker-mailserver-smpts
kind: tcp kind: tcp
gateway: badhouseplants-email gateway: badhouseplants-email
port_match: 465 port_match: 465
hostname: badhousplants.net hostname: badhouseplants.net
service: docker-mailserver service: docker-mailserver
port: 465 port: 465
- name: docker-mailserver-smpt-startls - name: docker-mailserver-smpt-startls
kind: tcp kind: tcp
gateway: badhouseplants-email gateway: badhouseplants-email
hostname: badhousplants.net hostname: badhouseplants.net
port_match: 587 port_match: 587
service: docker-mailserver service: docker-mailserver
port: 587 port: 587
- name: docker-mailserver-imap - name: docker-mailserver-imap
kind: tcp kind: tcp
hostname: badhousplants.net hostname: badhouseplants.net
gateway: badhouseplants-email gateway: badhouseplants-email
port_match: 143 port_match: 143
service: docker-mailserver service: docker-mailserver
@ -79,7 +79,7 @@ istio:
- name: docker-mailserver-imaps - name: docker-mailserver-imaps
kind: tcp kind: tcp
gateway: badhouseplants-email gateway: badhouseplants-email
hostname: badhousplants.net hostname: badhouseplants.net
port_match: 993 port_match: 993
service: docker-mailserver service: docker-mailserver
port: 993 port: 993
@ -87,22 +87,32 @@ istio:
kind: tcp kind: tcp
gateway: badhouseplants-email gateway: badhouseplants-email
port_match: 110 port_match: 110
hostname: badhousplants.net hostname: badhouseplants.net
service: docker-mailserver service: docker-mailserver
port: 110 port: 110
- name: docker-mailserver-pop3s - name: docker-mailserver-pop3s
kind: tcp kind: tcp
gateway: badhouseplants-email gateway: badhouseplants-email
port_match: 993 port_match: 993
hostname: badhousplants.net hostname: badhouseplants.net
service: docker-mailserver service: docker-mailserver
port: 993 port: 993
- name: docker-mailserver-rainloop
kind: http
gateway: istio-system/badhouseplants-net
hostname: mail.badhouseplants.net
service: docker-mailserver-rainloop
port: 80
rainloop:
enabled: true
ingress:
enabled: false
demoMode: demoMode:
enabled: false enabled: false
domains: domains:
- badhouseplants.net - badhouseplants.net
- "*.badhouseplants.net" - mail.badhouseplants.net
ssl: ssl:
issuer: issuer:
name: badhouseplants-issuer name: badhouseplants-issuer

View File

@ -0,0 +1,69 @@
istio-gateway:
enabled: true
gateways:
- name: badhouseplants-net
servers:
- hosts:
- badhouseplants.net
- '*.badhouseplants.net'
port:
name: http
number: 80
protocol: HTTP2
tls:
httpsRedirect: true
- hosts:
- badhouseplants.net
- '*.badhouseplants.net'
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: badhouseplants-wildcard-tls
mode: SIMPLE
- name: nrodionov-info
servers:
- hosts:
- nrodionov.info
- dev.nrodionov.info
port:
name: http
number: 80
protocol: HTTP2
tls:
httpsRedirect: false
- hosts:
- nrodionov.info
- dev.nrodionov.info
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: nrodionov-wildcard-tls
mode: SIMPLE
- name: badhouseplants-vpn
servers:
- hosts:
- '*'
port:
name: tcp
number: 1194
protocol: TCP
- name: badhouseplants-ssh
servers:
- hosts:
- '*'
port:
name: ssh
number: 22
protocol: TCP
- name: badhouseplants-minecraft
servers:
- hosts:
- '*'
port:
name: minecraft
number: 25565
protocol: TCP

View File

@ -1,4 +1,3 @@
---
service: service:
type: LoadBalancer type: LoadBalancer
ports: ports:

View File

@ -1,5 +1,5 @@
--- ---
istio_gateway: istio-gateway:
templates: templates:
- | - |
{{ range .Values.gateways }} {{ range .Values.gateways }}

View File

View File

@ -45,7 +45,7 @@ templates:
dependencies: dependencies:
- chart: bedag/raw - chart: bedag/raw
version: 2.0.0 version: 2.0.0
alias: istio_gateway alias: istio-gateway
values: values:
- '{{ requiredEnv "PWD" }}/common/values.istio-gateway.yaml' - '{{ requiredEnv "PWD" }}/common/values.istio-gateway.yaml'
@ -179,6 +179,14 @@ templates:
- template: istio-common - template: istio-common
- template: default-env-values - template: default-env-values
istio-gateway-resources: &istio-gateway-resources
name: istio-gateway-resources
chart: bedag/raw
version: 2.0.0
inherit:
- template: ext-istio-gateway
- template: default-env-values
istiod: &istiod istiod: &istiod
name: istiod name: istiod
chart: istio/istiod chart: istio/istiod